MatchPointe Group
Cybersecurity Analyst
MatchPointe Group, Santa Ana, California, United States, 92725
Cybersecurity AnalystDuration: 12+ MonthsLocation: Santa Ana, California – ONSITEMatchpointe Group, Inc is seeking a Cybersecurity Analyst, experienced with cybersecurity infrastructure, methodologies, and tools, to work for us in supporting the City of Santa Ana client. The Cybersecurity Analyst position is located within the City’s Information Technology Department and reports to the Information Security Officer. (The Cybersecurity Analyst does not perform supervisory duties)This position will start as a relatively lower mid level Analyst, initially requiring hands-on administration of the City’s cybersecurity posture (infrastructure and processes), leading to acquisition of cybersecurity applications and tools, then development and implementation of cybersecurity policies, standards, guidelines, and procedures, toward transition into a Cybersecurity Officer role.This is NOT a senior level position but is also NOT an intern or junior position – it is a growth opportunity for an ambitious and passionate cybersecurity analyst with enough experience to take on responsibility from day one, looking to grow into a strong cybersecurity career.Essential Duties and ResponsibilitiesPhase 1Monitor and utilize security toolsets to identify suspicious and malicious activities and inadequate security practices across the Port’s network (e.g., analyze network traffic, vulnerability scans, identification of computerviruses, unauthorized user activity) which may compromise the integrity and availability of systems.Perform Event detection & response tuning on relevant reporting and alerting systems.Perform Active Threat Hunting responding to security events and initiating remediation effortsAssist with incident response planning, respond and investigate cybersecurity events/incidences.Writes reports for management regarding incidences and false positives.Review security information and event management logs and reports, provide findings and recommendationsto IM leadership.Phase 2Assist with planning and implementing cybersecurity measures to protect networking, servers, applications,and computer systems.Perform risk assessments and mitigation planning.Facilitate internal and external penetration testing.Assist with the development and implementation of information security policies, standards, guidelines, and procedures.Review designs of proposed major applications and upgrades for compliance with security policy; perform routinesecurity audits, report findings, recommend system enhancementsEducation, Skills & Desirable Certification(s)2+ years of experience in working within enterprise cybersecurity systemsBachelors of Science in Computer Science or related fieldHold at least one of the following certifications:
Global Information Assurance Certification Security Essentials (GSEC);CompTIA Advanced Security Practitioner (CASP+) or Security+;Cisco Security Certification CCNA, or CCNA Cyber OpsOther related industry accepted certification
Understands common protocols such as: DHCP, LDAP, SNMP, SMTP, HTTP, SSL.Demonstrates strong understanding of cybersecurity concepts, best practice and tools.Desirable SkillsKnowledge and experience with Security Incident and Event Management (SIEM) Systems.Knowledge and experience with Intrusion Detection Systems and other alerting platforms.Familiarity with enterprise networking technology.Experience with anomaly detection and behavioral analytics.Prior experience working in conjunction with a Managed Detection and Response (MDR) vendor would be very helpful because our client anticipates using such a service within the next year or so. But if you don’t have that experience, that’s ok if you possess most of above- mentioned qualifications.
#J-18808-Ljbffr
Global Information Assurance Certification Security Essentials (GSEC);CompTIA Advanced Security Practitioner (CASP+) or Security+;Cisco Security Certification CCNA, or CCNA Cyber OpsOther related industry accepted certification
Understands common protocols such as: DHCP, LDAP, SNMP, SMTP, HTTP, SSL.Demonstrates strong understanding of cybersecurity concepts, best practice and tools.Desirable SkillsKnowledge and experience with Security Incident and Event Management (SIEM) Systems.Knowledge and experience with Intrusion Detection Systems and other alerting platforms.Familiarity with enterprise networking technology.Experience with anomaly detection and behavioral analytics.Prior experience working in conjunction with a Managed Detection and Response (MDR) vendor would be very helpful because our client anticipates using such a service within the next year or so. But if you don’t have that experience, that’s ok if you possess most of above- mentioned qualifications.
#J-18808-Ljbffr